Dakota Nelson

I'm a pentester, security researcher, and developer, but my interests range from forecasting and economics to amateur radio, system design and architecture, and space exploration. I have way too many interests to reasonably list them here.

Creations

A few of the things I’ve created - either by myself or as the lead on a team.

Pushpin-Web

Pushpin-web provides a web interface that can monitor geotagged social media data from multiple platforms in real time.

Read more..

Sneaky-Creeper Social Media C2

Sneaky-creeper is a Python library that allows for easy command and control using third-party channels such as Twitter, Tumblr, SalesForce, and SoundCloud.

Read more..

Open Source Contributions

Things that I help with but did not create.

The Empire Project

Empire is a PowerShell and Python post-exploitation agent.

Read more..

Publications

A subset of my public talks, papers, and blog posts.

Webcast - Tweets, Beats, and Sheets: C2 Over Social Media

A webcast about the sneaky-creeper social media command and control library.

March 2018

Talk - Social Media C2

Command and control of malware using legitimate third-party sites such as Twitter, Tumblr, SalesForce, Google Sheets, and SoundCloud. Presented at BSides Las Vegas 2015.

August 2015

Paper - Security of the Near Field Communication Protocol

A paper published in the Journal of Computing Sciences in Colleges discussing security issues with the near field communication (NFC) protol common in modern phones. This was published during my senior year of high school.

December 2013

Talk - Monitoring Social Media in 5 Minutes a Week

This talk introduces pushpin-web, a project which allows for automated real-time collection of geotagged social media from several different platforms.

September 2017

Talk - Total Recoll

Learn how to use Recoll, a very handy swiss army knife full-text search tool. Presented at the DEF CON 25 Recon Village.

August 2017

Blog Post - Steganography: The Art and Science of Hiding Things in Other Things

A series of blog posts introducing the reader to steganography and error correcting codes.

October 2016

Experience

Pentester and Security Researcher

Black Hills Information Security

Consulting, research, development, and a whole lot more.

February 2017 - Present

Principal Consultant

Striker Security

I ran a small computer security consulting company.

May 2016 - Jan 2018

Software Development Intern

Nylas

I worked primarily on Nylas N1, an electron mail client. Notable projects include implementing a PGP plugin allowing users to send and receive PGP-encrypted mail.

Jan 2016 - May 2016

Student Fellow

.406 Ventures

Member of the sixth class of student fellows at .406 Ventures, a large technology VC firm. Help identify early-stage startups within the Olin and Babson College communities and collaborate with student fellows from across the country to assess investment opportunities.

Jan 2015 - May 2016

Intern

Black Hills Information Security

Pentesting and some really, really cool R&D projects.

Sep 2014 - Jan 2016

Developer Intern

Systems & Technology Research

Worked on the DARPA SMISC project with two other interns. We had pretty free rein, which was a lot of fun.

May 2014 - Aug 2014

Computer Security Intern

Sandia National Laboratories

Worked on computer forensics training material used by DOE for training staff from multiple departments and agencies.

May 2013 - Aug 2013

Research Assistant

United States Air Force Research Laboratory

Space stuff, largely cubesat-based.

May 2012 - Aug 2012

Education

Olin College of Engineering

Bachelor of Science
Engineering with a Concentration in Computing
2013 - 2017

South Dakota School of Mines and Technology

Cross-Enrolled During High School
Engineering and Math - Completed 28 Credits
2012 - 2013